Cybercriminals turning their focus on healthcare: conference

Update:
September, 06/2019 - 18:04

|

A Q&A section at the fifth Cybersecurity Weekend held by Kaspersky in Myanmar on Thursday. — VNS Photo

YANGON — Healthcare organisations collect and store vast amounts of personal information but are not tech-savvy, making them a sitting duck for cybercriminals, the fifth Cybersecurity Weekend held by Kaspersky in Myanmar on Thursday heard.

Stephan Neumeier, managing director of Kaspersky, Asia Pacific, said: “As rapid digitalisation penetrates the healthcare sector, cybercriminals are seeing more opportunities to attack this lucrative and critical industry, which is honestly not equipped enough to face this virtual danger.”

Attacks against hospitals and pharmaceuticals have been happening worldwide, especially in the more advanced countries in the west, but in recent years the threat has been creeping towards the Asia-Pacific, he said.

Reports have even projected the region’s medical industry incurring losses of US$23.3 million from cybersecurity incidents, he added.

Delegates said Singapore, the highly-connected technology and business hub of Asia, suffered four data breaches at healthcare organisations in just the last 12 months. One even involved the health records of the country’s prime minister.

The infamous Wannacry ransomware has crippled several medical establishments in the region, especially in mainland China, Hong Kong and Việt Nam, they added.

Seongsu Park, security researcher at Kaspersky, said: “With the healthcare sector lagging a bit in terms of its cybersecurity capabilities, we observe that hacking groups are now off to exploit this fact by adding medical information and hospital attacks to their services list publicly available on the dark web. Any organisation, individual and company can be their potential customer since these cybercriminals are offering various services.”

He pointed out medical records are more valuable than a simple credit card because a hospital generally requires a patient’s personal and financial credentials before a check-up or admission.

“Based on the indications and patterns we have seen and are still seeing on the dark web, the main purpose of the individuals behind these hacking groups is to sell the medical information to another crime group or to any individual who aims to access confidential medical data. It is quite alarming that we are increasingly coming across such active advertisements, which can either mean this illegal practice has turned into a normal type of business or the demand for such attacks are becoming increasingly high.”

According to Park, the motives of the buyers could include calling scam, identity and monetary theft or blackmailing and any derived crimes.

When it comes to possible customer profiles, the anonymous nature of the dark web opens up the possibility it could be anyone, from a new hacker to an enterprise or even a nation-backed cyber espionage group, he added.

Denis Makrushin, head of application security at Ingram Micro, said: “Given that healthcare is a very critical sector, where a matter of second dictates the difference between life and death, it is not surprising that it evolves quicker compared with other industries.

“It is filled with advanced research and development because it is always under an emergency alert to cure and save human lives.

“However, are these technological advances at par with its complex cybersecurity requirements? This is the question we wanted to answer in this event.

“Because the industry may not be as targeted as banks. Not today, but given the pattern of attacks we are seeing, it will soon be.”

Yury Namestnikov, head of Kaspersky’s global research and analysis team in Russia, said: “Medical infrastructure has a lot of devices, some of them portable, most of them are becoming more and more connected to the internet. There’s even a technology being developed which will soon allow doctors to do surgeries remotely.

“We are definitely entering the era of the ultra-connected medicine. And I have to say that, while we welcome these advancements, we cannot deny that these will open wider doors for cybercriminals. This is a truth the healthcare sector should take into consideration seriously.”

Acknowledging the serious threat cybercriminals pose to healthcare, experts suggested medical organisations should identify the important data they are storing and figure out how they can protect them, increase education in cybersecurity, employ real-time and in-depth threat intelligence as well as holistic cybersecurity solutions. — VNS